
feat(compliance): add CWEs verification for sast analysis #2793

Merged: migmartri merged 2 commits into chainloop-dev:main from kaysavps:cwes-verification on Mar 4, 2026

@kaysavps
Contributor

This enables verification of the non-existence of CWEs in the SAST analysis.

refs #2792

Before merging, the CWES policy group must be enabled in the Chainloop Platform.

Signed-off-by: Victoria <kaysa.vps@gmail.com>

@cubic-dev-ai cubic-dev-ai bot left a comment


No issues found across 1 file

@jiparis jiparis marked this pull request as draft February 27, 2026 17:40
@jiparis
Member

jiparis commented Feb 27, 2026

Before merging, the CWES policy group must be enabled in the Chainloop Platform.
I've put this PR in draft until this is resolved, to prevent accidental merge.

@kaysavps kaysavps marked this pull request as ready for review March 2, 2026 09:14
@kaysavps kaysavps marked this pull request as draft March 2, 2026 09:14

@cubic-dev-ai cubic-dev-ai bot left a comment


No issues found across 1 file

Requires human review: This change modifies CI/CD contract configuration and introduces new compliance requirements (CWEs), which is a high-impact infrastructure/policy change requiring human review.

Signed-off-by: kaysavps <49433866+kaysavps@users.noreply.github.com>
@kaysavps kaysavps marked this pull request as ready for review March 2, 2026 09:19
@kaysavps
Contributor Author

kaysavps commented Mar 2, 2026

CWEs policy group is already enabled in Chainloop Platform. Moving it to ready to merge.


@cubic-dev-ai cubic-dev-ai bot left a comment


No issues found across 1 file

Requires human review: Modifies CI/CD workflow contracts and security policy configurations, which requires verification of external platform state (cwes policy group).

@migmartri migmartri merged commit 72ae67c into chainloop-dev:main Mar 4, 2026
15 checks passed